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DETAILED ACTION 

This action is in response to the communication filed on 1/3/08. 
All objections and rejections not set forth below have been withdrawn. 
Claims 1 -7, 9, 13-33, and 35-40 are pending. 
Claims 8, 10 - 12, 34, and 41 - 53 are canceled. 

Specification 

The specification is objected to as failing to provide proper antecedent basis for 
the claimed subject matter. See 37 CFR 1.75(d)(1) and MPEP § 608.01 (o). Correction 
of the following is required: 

The specification fails to provide proper antecedent basis for the recitations (or 
essentially similar recitations) of "wherein the first Ethernet packet also includes an 
outer Ethernet header and a manufacturer header", "a manufacturer header", "wherein 
the manufacturer header includes the memory address", "a user-specific type field", 
"wherein the outer Ethernet header comprises a user-specific type field", and 
"generating a second Ethernet packet encapsulating the memory address and the first 
Ethernet packet", as found recited within claims 1 - 7, 9, 13 - 16, 18, 26 - 33, 35, 36 
and 38. 
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Claim Rejections - 35 USC §112 

The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the manner and process of 
making and using it, in such full, clear, concise, and exact terms as to enable any person skilled in the 
art to which it pertains, or with which it is most nearly connected, to make and use the same and shall 
set forth the best mode contemplated by the inventor of carrying out his invention. 

Claims 1 - 7, 9, 13 - 16, 18, 26 - 33, 35, 36 and 38 are rejected under 35 
U.S.C. 112, first paragraph, as failing to comply with the written description 
requirement. The claim(s) contains subject matter which was not described in the 
specification in such a way as to reasonably convey to one skilled in the relevant art that 
the inventor(s), at the time the application was filed, had possession of the claimed 
invention. Applicant has not pointed out where the new (or amended) claim is 
supported, nor does there appear to be a written description of the claim limitations in 
the application as filed (see above objection to the specification). 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

Claims 2 - 7, 9, 13 - 15, 18, 28 - 33, and 38 are rejected under 35 U.S.C. 112, 
second paragraph, as being indefinite for failing to particularly point out and 
distinctly claim the subject matter which applicant regards as the invention. 

Regarding claims 2 - 7, 9, 1 3 - 1 5, 1 8, 28 - 33, and 38, they are rejected as 
being indefinite. The claim recitation of "...a manufacturer header..." lacks a defined 
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and customary meaning to those of ordinary skill in the art and the applicant's fail to 
define "a manufacturer header", thereby rendering the scope of these claims 
indeterminate. Furthermore, the claim recitation of "...a user-specific type field..." lacks 
a defined and customary meaning to those of ordinary skill in the art and the applicant's 
fail to define "a user-specific type field", thereby rendering the scope of these claims 
indeterminate. For the purpose of examination the examiner presumes the applicant to 
refer to another header and a type field. 

Claim 7 recites "...wherein the second, third and fourth bytes of the manufacturer 
header. . ." in line 1 . Applicant has no prior claim of "second, third, and fourth bytes" or 
of a header comprising "second, third, and fourth bytes" . Thus, there is insufficient 
antecedent basis for this limitation in the claim. For the purpose of examination, the 
examiner presumes the applicant to recite "...wherein second, third and fourth bytes of 
a manufacturer header...". 

All depending claims to the above rejected claims are rejected by virtue of their 
dependency. 

Claim Rejections - 35 USC § 103 



The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 
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(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

Claims 1 -4, 16, 17, 22-29, 31, and 35-40 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Bryers et al. (Bryers), U.S. Patent Publication 
2003/0126233 in view of Mercer et al. (Mercer), "Method for Establishing a 
Security Association Between Two or More Computers Communicating Via an 
Interconnected Computer Network", U.S. Patent Publication 2003/0018908. 

Regarding claim 1 , Bryers discloses: 

receiving in a security processor a first Ethernet packet comprising a second 
Ethernet packet (fig. 10, 1 1 , 15a, 16; par. 77, 114 -Herein, Bryers discloses a 
processing unit, such as a router, that performs security processing upon received 
Ethernet packets [i.e. a first Ethernet packet comprising a second Ethernet packet]); 

Bryers discloses processing encapsulated ethernet packets according to security 
associations (fig. 10), however, Bryers does not appear to explicitly disclose that a 
packet comprises a memory address associated with a security association, extracting 
the memory address, retrieving the security association from a memory using the 
recieved memory address. 

Mercer discloses that for the purpose of handling the requirements of high speed 
networks (par. 11), packets should comprise a memory address associated with a 
security association (par. 13). Furthermore, processing such packets includes 
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extracting the memory address and retrieving a corresponding security association from 
memory (fig. 7). 

It would have been obvious to employ the improved packet handling and 
processing techniques of Mercer within the system of Bryers. This would have been 
obvious because one of ordinary skill in the art would have been motivated by the 
teachings of prior that show such techniques improve security processing (Mercer, par. 
11). 

The combination enables: 

and encrypting at least a portion of the extracted second Ethernet packet 
according to the retrieved security association (Bryers, fig. par. 193, 194, 198). 

Regarding claim 37, it is rejected, at least, for the same reasons as claim 1 , and 
furthermore because the combination enables a processing device for operating 
according to the Ethernet and IPSEC protocols and comprising at least one data 
memory for storing at least one security association; at least one Gigabit MAC for 
receiving at least one second Ethernet packet (Bryers, par. 1 99, fig. 4). 

Regarding claims 2-4, 16, 25, and 38 the combination enables an outer 
Ethernet header and a manufacturer header and wherein the manufacturer header 
comprises the memory address and wherein the outer Ethernet header comprises an 
Ethernet address of the security processor and wherein the extracting step comprises 
determining whether an Ethernet address from the at least one second Ethernet packet 
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matches an Ethernet address of the security processor (Bryers, par. 120, 193; Mercer, 
par. 13). 

Regarding claims 17, 26 - 29 and 31, they comprise essentially similar 
recitations to the rejected claims above, and they are rejected, at least, for the same 
reasons. 

Regarding claims 22 - 24, the combination enables retrieving security 
associations and encryption (Bryers 120- 124). 

Regarding claims 13 - 15, the combination enables wherein the retrieving step 
comprises retrieving the at least one security association from a data memory in a 
security processor and wherein the encrypting step comprises using an encryption key 
associated with the at least one security association and wherein the encrypting step 
comprises using an encryption algorithm defined by the at least one security association 
(Bryers, par. 120, 121, 124). 

Regarding claims 35 - 36, they comprise essentially similar recitations to the 
rejected claims above, and they are rejected, at least, for the same reasons. 

Regarding claim 39, the combination enables, wherein the at least one 
encryption processor comprises at least one IPSec processor (Bryers, par. 1 20 -1 24). 



Application/Control Number: 10/728,192 
Art Unit: 2137 



Page 8 



Regarding claims 40, the combination enables, an integrated circuit (Bryers, par. 

23). 

Claims 5 - 7, 9, 18 - 21, 30, 32 -33 are rejected under 35 U.S.C. 103(a) as 
being unpatentable over the combination of Bryers and Mercer in view of 
Stevens, TCP/IP Illustrated . 

Regarding claim 5, the combination does not appear to explicitly disclose that 
Ethernet packets comprise user-specific type fields. Stevens discloses that composition 
of packets sent via Ethernet, the composition comprising user-specific type fields 
(Stevens, pg. 23, fig. 2.1 ). It would have been obvious to one of ordinary skill in the art 
to recognize the teachings of Stevens within the combination of Bryers and Mercer. 
This would have been obvious because one of ordinary skill in the art would have been 
motivated to follow the established standard required to employ Ethernet. 

Regarding claims 6 and 7, the combination enables wherein a first byte of the 
manufacturer header is set to zero, and wherein second, third and fourth bytes of the 
manufacturer header includes the memory address (Stevens, pg. 22, 23). 

Regarding claim 9, it is rejected, at least, for the same reasons as claims 5-8. 
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Regarding claims 18 - 21 , they are rejected, at least, for the same reasons as 
claims 6 - 12. 

Regarding claims 30, 32 - 33, they comprise essentially similar recitations to the 
rejected claims above, and they are rejected, at least, for the same reasons. 

Response to Arguments 

Applicant's arguments with respect to claims 1 - 7, 9, 13 - 33, and 35 - 40 have 
been considered but are moot in view of the new ground(s) of rejection. 

Furthermore Applicant's arguments filed 1/3/08 have been fully considered but 
they are not persuasive. 

Applicant argues essentially that: 

(i) Bryers does not teach or suggest that the flow stage module generates an 
Ethernet packet having the handle or that the IPSec receives an Ethernet packet having 
the handle from the flow stage module. 

Thus, Bryers does not teach or suggest "receiving in a security processor a first 
Ethernet packet comprising a second Ethernet packet and a memory address 
associated with a security association, " as recited in amended independent claim 1. 
(Remarks, pg. 12) 
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Bryers also does not teach or suggest a method of or security processor for 
"generating encrypted packets by processing a first Ethernet packet comprising a 
second Ethernet packet and a memory address associated with a security association 
... comprising ... extracting the memory address from the first Ethernet packet, " as 
recited in amended independent claims 17 and 37. (Remarks, pg. 12) 

Bryers further does not teach or suggest "generating a first Ethernet packet ... 
generating a second Ethernet packet encapsulating the memory address and the at 
least one first Ethernet packet, " as recited in amended independent claim 26. 
(Remarks, pg. 12) 

It is respectfully noted, in response to applicant's argument that the references 
fail to show certain features of applicant's invention, that the features upon which 
applicant relies (i.e., the flow stage module generates an Ethernet packet having the 
handle or that the IPSec receives an Ethernet packet having the handle from the flow 
stage module) are not recited in the rejected claim(s). Although the claims are 
interpreted in light of the specification, limitations from the specification are not read into 
the claims. See In re Van Geuns, 988 F.2d 1181, 26 USPQ2d 1057 (Fed. Cir. 1993). 
However, it is further noted that, while the applicant argues "Bryers does not teach or 
suggest that the flow stage module generates an Ethernet packet ...Thus, Bryers does 
not teach or suggest "receiving in a security processor...", the examiner points out that 
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the prior art clearly discloses a security device, such as a router, that receives and 
processes the combination of an Ethernet packet and a memory address (the 
combination comprising an Ethernet packet) (Bryers, fig. 10, 11, 15a, 16; par. 77, 114; 
Mercer, par. 13). 

Conclusion 

The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure: 

See Notice of References Cited. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See M PEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
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the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Jeffery Williams whose telephone number is (571 ) 272- 
7965. The examiner can normally be reached on 8:30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is (703) 
872-9306. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 



J. Williams 
AU 2137 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2137 



